World password day: tips to protect them
World Password Day is celebrated every year on the first Thursday of May.
According to a recent report, more than 80% of hacker breaches occur due to weak or stolen passwords. This proves that the first step in protecting information and resources is through the adoption of secure passwords.
Unfortunately, the increase in the amount of remote work promoted an increase in security breaches, making stronger passwords an even more important piece in a company’s access security.
VaultOne offers some tips for the safe use of passwords. Check it out:
Table of Contents
- Use unique passwords for each account created. When passwords are repeated on several sites and a security breach occurs on one of them, a hacker could then gain access to all accounts with that password. Don’t repeat passwords.
- Do not create passwords with obvious data, using personal information (birthdays, cities, countries, movies, addresses, license plates, names of relatives), as all of these are easily located by cybercriminals.
- Avoid words from dictionaries; they are also quickly discovered by attackers.
- Avoid similar passwords, which only change by one character.
- Do not use repeated or sequential characters, such as: 1234, abcd, asd123.
- Adopt complex passwords, with at least 10 different characters, mixing letters, numbers, and symbols.
- Avoid personal information in security questions.
- Get into the habit of changing passwords monthly.
- When changing a password, replace it completely, do not take advantage of pieces of the old password.
Fraud in internet banking and ATM’s
- To make sure that your bank’s website is genuine, enter your password incorrectly in internet banking. If the program accepts it, it is a cloned web page.
- When entering your password at banks, ATM’s, gas stations, and other commercial establishments, cover the keyboard with your body and hand; make sure that no CCTV cameras or anyone else will see you typing.
- Do not fall for re-registration by landline, cell phone, or internet. Do not give your password to anyone.
- Do not lend your password, even to a co-worker. Credentials shared by email, SMS, or on paper expose the company to data breaches.
- If necessary, use a password safe. It will enable sharing access with security, without the user seeing the credential.
- Do not leave passwords pasted on PCs or post-it notes.
- Store passwords in a digital password vault.
Problems when there is no defined security policy for passwords
- Leakage risks using weak, reused, and stolen credentials.
- Difficulty sharing credentials shared by email, SMS, or paper increase risk exposure
- Impairs productivity: loss of access and password resets can impair employees’ working time
- Lack of IT control: the administrator has little visibility into password security.
- Persistence of access by former employees even after they are disconnected.
Can your company afford a security breach?
VaultOne is a privileged account management solution that solves security problems by centralizing passwords in a digital safe, allowing users to access resources (servers, computers, social accounts) without the need for a password.
Instead of entrusting all resources to a password, an administrator can create a secure connection between the user and the resource using VaultOne to grant access.
Find out what VaultOne can do for your company. Talk to our experts.